IACR News
21 September 2020
Karim M. Abdellatif, Olivier Hériveaux
ePrint Report
19 September 2020
Information Security Group, Royal Holloway, University of London, UK
Job Posting
The ISG is a nice place to work; it's a friendly environment with strong research going on in several areas. We have people working across the field of information security, including several people working on cryptography. For example, Carlos Cid, Anamaria Costache, Lydia Garms, Jianwei Li, Sean Murphy, Rachel Player, Eamonn Postlethwaite, Joe Rowell, Fernando Virdia and Martin Albrecht all have looked at or are looking at lattice-based cryptography.
The ISG is one of the largest departments dedicated to information security in the world, with 21 core academic staff in the department as well as research and support staff. We work with many research partners in other departments and have circa 90 PhD students working on a wide range of security research, many of whom are fully funded through our Centre for Doctoral Training in Cyber Security. We have a strong, vibrant, embedded and successful multi-disciplinary research profile spanning from cryptography to systems security and social aspects of security. This vibrant environment incorporates visiting researchers, weekly research seminars, weekly reading groups, PhD seminars and mini conferences, and the WISDOM group (Women in the Security Domain Or Mathematics), and we are proud of our collegial atmosphere and approach.
A postdoc here is a 100% research position, i.e. the postdoc would not have teaching duties. That said, if the applicant would like to gain some teaching experience, we can arrange for that as well.
Closing date for applications:
Contact: Martin Albrecht
More information: https://martinralbrecht.wordpress.com/2020/09/17/postdoc-at-royal-holloway-on-lattice-based-cryptography-4/
16 September 2020
TU Darmstadt, Germany
Job Posting
Current topics of interest include (but are not limited to):
- Secure cryptographic implementations
- Leakage/tamper resilient cryptography
- Blockchains and cryptocurrencies
- Distributed cryptography
The candidate shall be able to show solid expertise in cryptography/IT security, illustrated by publications at major crypto/security venues such as CRYPTO, EUROCRYPT, ASIACRYPT, TCC, PKC, CHES, FC, ACM CCS, Oakland, USENIX Security, NDSS, etc.
The position offers an internationally competitive salary including social benefits. TU Darmstadt is a leading university for Computer Science and offers an excellent working environment in the heart of the Rhein-Main metropolitan area. It has a strong institute for research on IT security and cryptography with more than 300 researchers working on all aspects of cybersecurity. Review of applications starts immediately and continues until the position is filled.
Closing date for applications:
Contact: sebastian.faust@cs.tu-darmstadt.de
Halifax, Canada, 19 October - 20 October 2020
Event Calendar
Villanova University
Job Posting
Requirements: preferably majoring in Computer Science or Computer Engineering; Mathematics majors are also welcome. Proficiency in programming languages such as C, C++ and Python is needed. Good English communication and writing skills. Great enthusiasm for research-oriented tasks. Excellent team worker.
Degree: both B.S. and M.S. graduates or similar are warmly welcomed to apply.
Deadline: a start in Spring 2021 is preferred (Fall 2021 is also acceptable). It is always better to apply as early as possible. Positions are open until they are filled.
Closing date for applications:
Contact: Jiafeng Harvest Xie (jiafeng.xie@villanova.edu)
Research Group COSIC at University of Leuven, Belgium
Job Posting
Closing date for applications:
Contact: jobs-cosic@esat.kuleuven.be
More information: https://www.esat.kuleuven.be/cosic/vacancies/
15 September 2020
Thomas Haines, Rajeev Gore, Bhavesh Sharma
ePrint Report
The best solution to preventing these errors is to machine-check the cryptographic properties of the design and implementation of the mix net. Particularly crucial for the integrity of the outcome is the soundness of the design and implementation of the verifier (software). Unfortunately, several different encryption schemes are used in many different slight variations, which makes it infeasible to machine-check every single case individually. However, a particular optimized variant of the Terelius-Wikstrom mix net is, and has been, widely deployed in elections including national elections in Norway, Estonia and Switzerland, albeit with many slight variations and several different encryption schemes.
In this work, we develop the logical theory and formal methods tools to machine-check the design and implementation of all these variants of Terelius-Wikstrom mix nets, for all the different encryption schemes used; resulting in provably correct mix nets for all these different variations. We do this carefully to ensure that we can extract a formally verified implementation of the verifier (software) which is compatible with existing deployed implementations of the Terelius-Wikstrom mix net. This gives us provably correct implementations of the verifiers for more than half of the national elections which have used verifiable mix nets.
Our implementation of a proof of correct shuffle is the first to be machine-checked to be cryptographically correct and able to verify proof transcripts from national elections. We demonstrate the practicality of our implementation by verifying transcripts produced by the Verificatum mix net system and the CHVote e-voting system from Switzerland.
Konstantin Kalgin, Valeriya Idrisova
ePrint Report
Muhammad ElSheikh, Amr M. Youssef
ePrint Report
Abhraneel Dutta, Aaron Hutchinson, Koray Karabina
ePrint Report
Ivan Damgård, Claudio Orlandi, Akira Takahashi, Mehdi Tibouchi
ePrint Report
In this paper, we construct several lattice-based distributed signing protocols with low round complexity following the Fiat--Shamir with Aborts paradigm of Lyubashevsky (Asiacrypt 2009). Our protocols can be seen as distributed variants of the fast Dilithium-G signature scheme. A key step to achieve security (overlooked in some earlier papers) is to prevent the leakage that can occur when parties abort after their first message, which can inevitably happen in the Fiat--Shamir with Aborts setting. We manage to do so using lattice-based homomorphic commitments as constructed by Baum et al. (SCN 2018).
We first propose a three-round $n$-out-of-$n$ signature from Module-LWE with tight security (using ideas from lossy identification schemes). Then, we further reduce the complexity to two rounds, at the cost of relying on Module-SIS as an additional assumption, losing tightness due to the forking lemma, and requiring somewhat more expensive trapdoor commitments. The construction of suitable trapdoor commitments from lattices is a side contribution of this paper. Finally, we also obtain a two-round multi-signature scheme as a variant of our two-round $n$-out-of-$n$ protocol.
Gora Adj, Jesús-Javier Chi-Domínguez, Francisco Rodríguez-Henríquez
ePrint Report
Wouter Castryck, Thomas Decru, Frederik Vercauteren
ePrint Report
Shuichi Katsumata, Kris Kwiatkowski, Federico Pintore, Thomas Prest
ePrint Report
Gili Schul-Ganz, Gil Segev
ePrint Report
Our lower bound applies already to the most basic form of accumulators (i.e., static accumulators that support membership proofs), and holds both for known-order (and even multilinear) groups and for unknown-order groups, where it matches the asymptotic performance of the known bilinear and RSA accumulators, respectively. In addition, it complements the techniques underlying the generic-group accumulators of Boneh, Bünz and Fisch (CRYPTO '19) and Thakur (ePrint '19) by justifying their application of the Fiat-Shamir heuristic for transforming their interactive batch-verification protocols into non-interactive procedures.
Moreover, motivated by a fundamental challenge introduced by Aggarwal and Maurer (EUROCRYPT '09), we propose an extension of the generic-group model that enables us to capture a bounded amount of arbitrary non-generic information (e.g., least-significant bits or Jacobi symbols that are hard to compute generically but are easy to compute non-generically). We prove our lower bound within this extended model, which may be of independent interest for strengthening the implications of impossibility results in idealized models.
Thai Duong, Duong Hieu Phan, Ni Trieu
ePrint Report
We explore in detail how to use our delegated PSI-CA protocol to perform privacy-preserving contact tracing. It has been estimated that a significant percentage of a given population would need to use a contact tracing app to stop a disease's spread. Prior privacy-preserving contact tracing systems, however, impose heavy bandwidth or computational demands on client devices. These demands present an economic disincentive to participate for end users who may be billed per MB by their mobile data plan or for users who want to save battery life. We propose Catalic (ContAct TrAcing for LIghtweight Clients), a new contact tracing system that minimizes bandwidth cost and computation workload on client devices. By applying our new delegated PSI-CA protocol, Catalic shifts most of the client-side computation of contact tracing to untrusted servers, and potentially saves each user hundreds of megabytes of mobile data per day while preserving privacy.